Security Affairs newsletter Round 166 – News of the week

Pierluigi Paganini June 10, 2018

A new round of the weekly SecurityAffairs newsletter arrived!

The best news of the week with Security Affairs.

Let me inform you that my new book, “Digging in the Deep Web” is online

Kindle Edition

Paper Copy

Digging The Deep Web

Once again thank you!

Crooks included the code for CVE-2018-8174 IE Zero-Day in the RIG Exploit Kit
Impervas research shows 75% of open Redis servers are infected
Microsoft reportedly acquires the GitHub popular code repository hosting service
North Korea-Linked Covellite APT group stopped targeting organizations in the U.S.
NYT: Facebook APIs gave device makers deep access to user data. FB disagrees
Thousands of organizations leak sensitive data via misconfigured Google Groups
Updated: Microsoft reportedly acquires the GitHub popular code repository hosting service
‘Zip Slip arbitrary file overwrite vulnerability affects thousands of projects
Iron cybercrime group uses a new Backdoor based on HackingTeams RCS surveillance sw
MyHeritage data breach – 92.3 million user credential exposed
Over 115,000 Drupal Sites still vulnerable to Drupalgeddon2, a gift to crooks
The author of the Sigrun Ransomware decrypts Russian victims files for free
Are Wi-Fi hotspots in World Cup Russia host cities secure?
How Threat Hunters Operate in Modern Security Environments
HR Software company PageUp victim of a Data Breach, experts fear a domino effect
It’s not a joke, Owari botnet operators used root as username and password to access a C&C
Adobe fixed the CVE-2018-5002 Flash Zero-Day exploited in targeted attacks in the Middle East
Prowli Operation – Crooks already compromised over 40,000 servers and IoT Devices
Russia-linked Sofacy APT group adopts new tactics and tools in last campaign
VPNFilter malware now targets new devices, even behind a firewall
Cisco patches a critical vulnerability in Prime Collaboration Provisioning solution
DMOSK Malware Targeting Italian Companies
Facebook confirms privacy settings glitch in a new feature exposed private posts of 14 Million users
Multiple models of IP-based cameras from Chinese firm Foscam could be easily hacked. Update the firmware now!
Chinese state-sponsored hackers steal 600GB U.S. Navy data
Cisco removed hardcoded credentials in WAAS software. Undocumented accounts are a frequent issue
Trend Micro spotted a new variant of KillDisk wiper in Latin America

 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Newsletter)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment